codex-bridge

Provides an MCP server that exposes two Codex-related tools to MCP-compatible coding assistants, bridging tool calls to the official OpenAI Codex CLI via subprocess execution. Supports configurable timeouts and (optionally) bypassing Codex CLI git-repository checks.

Evaluated Mar 30, 2026
Tags: DevTools, mcp, codex, openai, ai-coding-assistant, cli-bridge, python, tooling
⚙ Agent Friendliness: 60 / 100 (Can an agent use this?)
🔒 Security: 61 / 100 (Is it safe for agents?)
⚡ Reliability: 38 / 100 (Does it work consistently?)

Score Breakdown

⚙ Agent Friendliness

MCP Quality: 70
Documentation: 75
Error Messages: --
Auth Simplicity: 60
Rate Limits: 20

🔒 Security

TLS Enforcement: 90
Auth Strength: 55
Scope Granularity: 30
Dep. Hygiene: 60
Secret Handling: 70

Security model is largely inherited from the external Codex CLI and MCP host environment. Bridge uses environment variables for timeouts and a git-check bypass flag; README warns about trusting directories when skipping checks. No explicit secrets management, logging behavior, or scope/least-privilege controls are documented in the provided content.

⚡ Reliability

Uptime/SLA: 0
Version Stability: 55
Breaking Changes: 40
Error Recovery: 55

Best When

You already use the official Codex CLI and want MCP-tool access for local/agent workflows with minimal integration overhead.

Avoid When

You cannot control the working directory contents or trust boundaries (especially when disabling git checks).

Use Cases

  • Integrate Codex CLI with MCP clients like Claude Code, Cursor, and VS Code
  • Have an agent answer coding/architecture questions using Codex via a standardized MCP interface
  • Perform targeted file analysis by piping file contents to Codex
  • Batch multiple Codex queries for automation/CI-style workflows

Not For

  • Directly calling Codex/OpenAI APIs over HTTP from your application (this is CLI-first)
  • Use cases requiring fine-grained model/provider controls beyond what the Codex CLI supports
  • Untrusted/hostile directory analysis without controls (git check bypass can increase risk)

Interface

REST API: No
GraphQL: No
gRPC: No
MCP Server: Yes
SDK: No
Webhooks: No

Authentication

Methods: Local Codex CLI authentication (e.g., via `codex` / `codex auth login`)
OAuth: No
Scopes: No

Authentication is delegated to the external Codex CLI; the MCP server itself primarily passes through CLI execution and relies on CLI auth state.

Pricing

Free tier: No
Requires CC: No

README claims 'Zero API costs' by using the official Codex CLI; however, actual Codex CLI/model usage may still incur provider costs outside this package.

Agent Metadata

Pagination: none
Idempotent: False
Retry Guidance: Documented

Known Gotchas

  • Relies on `codex` CLI being installed and authenticated; tool calls will fail if CLI is missing or not in PATH
  • Timeouts are enforced (default 90s); large inputs may require increasing `CODEX_TIMEOUT`
  • If `CODEX_SKIP_GIT_CHECK` is enabled, it should only be used in trusted directories you control


Scores are editorial opinions as of 2026-03-30.
